Intelligent CXO Issue 19 | Page 37

INDUSTRY UNLOCKED

Securing the healthcare sector from the cyberthreats

Derrick Leau , Country Manager of Singapore , CyberArk , highlights the importance on securing the healthcare sector , provides recent ransomware attacks on healthcare organisations and solutions to protect them .

The omnipresent ransomware threat is changing how healthcare organisations approach cybersecurity – from formalising practices to obtain cyberinsurance coverage to improving their ability to restore encrypted data after attacks . But as cyberattackers lean heavily on third-party vendors and suppliers to extort ransoms , remaining gaps across healthcare security frameworks are coming into focus , including a lack of identity security controls for securing and managing privileged accounts and third-party access .

Healthcare is ransomware attackers ’ top target either to be sold to profit off extortions or to hire others to do their dirty work .
Taking a broader view across the healthcare supply chain
In the healthcare field , it ’ s common to view ransomware and other cyberthreats as they relate to the electronic health record ( EHR ). However , healthcare organisations should consider a more comprehensive approach that includes everything from software to connected devices , legacy systems and anything across the network .
According to the FBI , healthcare remains the most targeted industry by cyberattackers and based on the findings of the CyberArk 2022 Identity Security Threat Landscape Report , the average healthcare organisation faced two or more ransomware attacks over the past year .
While ransomware is far from new to the sector , attacks continue to grow in sophistication and scale . Cybercriminal organisations have increasingly been heading toward the ‘ As-a- Service ’ model for some time .
The Dark Web is now teeming with darknet marketplaces , such as AlphaBay , and underground forums where threat actors can sell or lease malicious tools and services . It is through these marketplaces that cyberattackers with little malware development experience can find virtually anything they need directly off the shelf , paying anonymously with cryptocurrency .
The most lucrative ‘ Cyberattack-as-a-Service ’ model is ransomware . Threat actors develop Ransomware-as-a-Service ( RaaS ) affiliate models
www . intelligentcxo . com
37